摘要
本文在基于入侵诱骗技术的思想上,提出了在防火墙和IDS后加入入侵诱骗技术的新的主动防御系统——入侵诱骗系统。入侵诱骗体系的设计思想就是:以诱骗虚拟环境为核心,由诱骗决策系统决定诱骗虚拟环境切换策略,使得可疑行为在诱骗环境中的活动被监控、审计,并进行行为分析,同时由行为控制保证诱骗系统自身的安全。其体系结构由防火墙、入侵检测系统、主机特征检测、入侵规则生成、入侵诱骗虚拟环境组成。
The paper proposes an intrusion deception system based on intrusion deception technology. The design idea of intrusion deception system is that the intrusion deception virtual environment is core. Doubtful behavior redirected to the strictly controlled deception environment can be supervised,audited,and analyzed.All audited information is sent to the intrusion detection system to improve the ability of intrusion detection.
出处
《中国教育网络》
2007年第2期49-52,共4页
China Education Network
关键词
入侵诱骗
入侵检测
虚拟环境
虚拟服务
Intrusion deception, Intrusion detection system,Virtual environment, Virtual service
